<?php
if (!defined('APP_ID')) { die('No direct script access allowed'); }

/**
 * Security class
 */
class Security {
	/**
	 * Security cleaning
	 */
	public static function clean($item) {
		if (is_array($item)) {
			$new_array = array();
			foreach ($item as $key => $value) {
				$new_array[self::cleanKey($key)] = self::clean($value);
			}
			return $new_array;
		}
		
		if (!get_magic_quotes_gpc()) {
			$item = stripslashes($item);
		}
		
		// Do some cleaning
		$item = self::cleanXss($item);
		
		return $item;
	}	

	/**
	 * Cleaning key
	 */
	public static function cleanKey($str) {
		if (!preg_match("/^[a-z0-9\:\_\/\-]+$/i", $str)) {
			Node_Exception('Wrong key value');
		}

		return $str;
	}

	/**
	 * XSS cleaning (Cross site scripting)
	 */
	public static function cleanXss($str) {
		// TODO: xss cleaning
		return $str;
	}	
}